hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Add a flow step for Path::toFile in ZipSlip

Browse Source
This commit is contained in:
Robin Neatherway
2019-02-07 11:09:20 +00:00
parent 383e82a3f3
commit 409733838b
3 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
java/ql/test/query-tests/security/CWE-022/semmle/tests/ZipTest.java
View File

@@ -51,4 +51,13 @@ public class ZipTest {
throw new Exception();
FileOutputStream os = new FileOutputStream(file); // OK
}
public void m6(ZipEntry entry, Path dir) {
String canonicalDest = dir.toFile().getCanonicalPath();
Path target = dir.resolve(entry.getName());
String canonicalTarget = target.toFile().getCanonicalPath();
if (!canonicalTarget.startsWith(canonicalDest + File.separator))
throw new Exception();
OutputStream os = Files.newOutputStream(target); // OK
}
}